Owen Mehegan wrote:
I'm running SA 3.0.2 with Postfix and a few SARE custom rule sets (with
weekly rules du jour updates).
FWIW, SA 3.0.2 is vulnerable to multiple DoS attacks. Unless you're using a
distro port which has backported fixes, I'd strongly suggest an upgrade.
At this time the only practical versions of official SA with no massive bugs or
security holes are: 3.0.5, 3.1.0 and 3.1.1.
AFAIK 2.64 is also safe from security holes, but it's too old to be practical.
This has been working amazingly well for
over a year, but lately a few things have been getting through, and with
unusually low scores. I'm attaching two here - if anyone would be
willing to run these through their rules and see how they score, it
would be much appreciated. Perhaps I just need some new rule sets, or
just to upgrade to the latest SA.
<snip>
-2.8 ALL_TRUSTED Did not pass through any untrusted hosts
ALL_TRUSTED should *never* match outside email. Looks like your trusted_networks
needs to be set manually.
see
The other alternative is it is mismatching due to a bug in the trust code that
is fixed in 3.0.5 and higher.
